CVE-2006-1684 Information

Description

Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier allows remote attackers to include arbitrary local files via (1) the lang parameter in news.php and (2) other unspecified vectors.

Reference

http://pridels0.blogspot.com/2006/04/ecotwo-shopsystem-vuln.html